Dependency Convergence

[danieldietrich]

Currently we have an issue with the version convergence of the asciidoctorj dependency and the transitive asciidoctorj dependency of the asciidoctorj-pdf plugin.

We should explicitly include the need dependencies in our pom and not rely on any transitive dependency. Especially we should directly include asciidoctorj. But we should not include any SNAPSHOT version of a 3rd party library.

We need a maven build mechanism, which fails the build if there are any conflicting transitive dependencies. This can be accomplished for example with the maven-enforcer-plugin (see also this). Here is an example:

<plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-enforcer-plugin</artifactId>
  <version>1.3.1</version>
  <executions>
    <execution>
      <id>enforce</id>
      <configuration>
        <rules>
          <DependencyConvergence/>
        </rules>
      </configuration>
      <goals>
        <goal>enforce</goal>
      </goals>
    </execution>
  </executions>
</plugin>

Is there a better way to do it than with the maven-enforcer-plugin?

Note: We shouldn't shade any dependencies.

[pivovarit]

no-longer applicable